<?php


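/**
 * Session-backed user helper: records a login in $_SESSION, answers
 * "is someone logged on / is this user an admin", and renders the
 * login or logout form.
 *
 * The class never calls session_start(); it expects the including page to
 * have started the session before any method that touches $_SESSION runs.
 */
class User {

    /** Database handle passed to the constructor; used like a PDO connection by admin(). */
    public $db;
    /** Username of the logged-in user, '' until dologin() runs. */
    public $username;
    /** ID of the logged-in user, -1 until dologin() runs. */
    public $UserID;
    /** Initialised to -1; no method in this class updates it. */
    public $Admin;

    /**
     * @param mixed $db Database handle, stored as-is.
     */
    public function __construct($db) {
        $this->db = $db;
        $this->username = '';
        $this->UserID = -1;
        $this->Admin = -1;
    }

    /**
     * Marks the session as logged in and redirects to the landing page.
     *
     * No credentials are checked here; the caller must already have verified
     * them. The method only queues a Location header and then returns, so the
     * caller is responsible for stopping the script afterwards.
     *
     * @param string $usern Username to remember on this object.
     * @param mixed  $uid   User ID stored in the session.
     * @param mixed  $admin 1 (loosely compared) sends the user to admin.php.
     */
    public function dologin($usern, $uid, $admin) {
        // Issue a fresh session ID at the privilege change so an ID that was
        // known before authentication cannot be reused afterwards.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }

        $this->UserID = $_SESSION['UserID'] = $uid;
        $this->username = $usern;

        if ($admin == 1) {
            header('location: admin.php');
        } else {
            // Encode the ID so it can only ever be a single query value.
            header('location: blog.php?id=' . rawurlencode((string) $uid));
        }
    }

    /**
     * Ends the session: clears its data, expires the session cookie in the
     * browser and destroys the server-side session.
     */
    public function logout() {
        $_SESSION = array();

        if (session_status() === PHP_SESSION_ACTIVE) {
            // session_destroy() leaves the cookie in the browser; expire it too.
            if (ini_get('session.use_cookies') && !headers_sent()) {
                $params = session_get_cookie_params();
                setcookie(
                    session_name(),
                    '',
                    time() - 42000,
                    $params['path'],
                    $params['domain'],
                    $params['secure'],
                    $params['httponly']
                );
            }
            session_unset();
            session_destroy();
        }

        $this->UserID = -1;
        $this->username = '';
    }

    /**
     * @return bool True when the session carries a UserID.
     */
    public function loggedOn() {
        return isset($_SESSION['UserID']);
    }

    /**
     * Reports whether the given user has the Admin flag set in the user table.
     *
     * NOTE(review): the flag is looked up for the $userid the caller passes,
     * not for the session's own UserID, so callers should pass getID() when
     * the question is "may the current visitor do this".
     *
     * @param mixed $userid ID of the user row to inspect.
     * @return bool False when nobody is logged on, when no connection is
     *              available, when the row is missing, or when Admin is not 1.
     */
    public function admin($userid) {
        if (!$this->loggedOn()) {
            return false;
        }

        $db = $this->db;
        if (!is_object($db)) {
            // Legacy fallback: earlier versions always pulled $db from db.php.
            include 'db.php';
        }
        if (!is_object($db)) {
            // Fail closed rather than calling prepare() on a non-object.
            return false;
        }

        $sth = $db->prepare('SELECT * FROM user WHERE UserID = :UserID');
        $sth->bindParam(':UserID', $userid);
        $sth->execute();

        $row = $sth->fetch();
        if (!$row) {
            return false;
        }

        // Loose comparison on purpose: the driver may return the column as a string.
        return $row['Admin'] == 1;
    }

    /**
     * @return mixed The session's UserID, or null when nobody is logged on.
     */
    public function getID() {
        return $this->loggedOn() ? $_SESSION['UserID'] : null;
    }

    /**
     * Returns the logout form when logged on, otherwise the login form.
     *
     * NOTE(review): $error is written into the markup unescaped. If it can
     * ever contain request data, the caller should pass it through
     * htmlspecialchars() first. Neither form carries a CSRF token.
     *
     * @param string $error Text or markup shown next to the username field.
     * @return string HTML for the form.
     */
    public function getLoginForm($error) {
        if ($this->loggedOn()) {
            return "<form method='post' action='authenticate.php'>\n
			<input type='hidden' name='logout' value='true'/>\n
			<input type='submit' value='Logg av'/>\n</form>";
        }

        return "<form method='post' action='authenticate.php'>
			<label for='Username'>Brukernavn</label><input type='text' name='Username'>$error<br/>\n
			<label for='Password'>Passord</label><input type='password' name='Password'><br/>\n
			<input type='submit' value='Logg på'/>\n</form>";
    }

}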

// Every page that includes this file gets a ready-made $user object; $db must
// already be defined by the including script.
$user = new User($db);

// A page opts in to the login gate by defining $needLogin (any non-null
// value) before the include. The gate stops the script with a plain message;
// no HTTP status code is set here.
if (isset($needLogin)) {
    if (!$user->loggedOn()) {
        exit('You need to be logged on to do this!');
    }
}
?>